Building a unified enterprise defense system with AI at the centre

By Brijesh Balakrishnan, Vice President & Global Head Cybersecurity Practice, Infosys 

(AI) is revolutionising business by transforming traditional security paradigms. With its potential for advanced data analysis and adaptive learning capabilities, and combined with automation, AI has heralded a new age of threat detection. As per Statista’s findings, the market value of AI in cybersecurity is projected to reach $46.3 billion by 2027 (from $10 billion in 2020). Gen AI solutions are also being adopted alongside, as is evident from the new survey by Cloud Security Alliance (CSA), predicting that 55% of organisations surveyed intend to adopt gen AI solutions within the next year. From a cyber defense perspective, this demonstrates that we are in the age of AI forward cyber defense, or assisted intelligence, where AI is helping humans take informed decisions.

AI-assisted to AI-driven cyber defense
As of today, cyber defense driven primarily by AI is an aspirational step for all enterprises, who have currently embraced AI-assisted cyber defense or assisted intelligence. Assisted intelligence translates to AI providing insight but relying on human intelligence to act on the input provided. It is in the automotive industry that we see both pure play AI and assisted AI at work. ADS or Advanced Driving Systems use pure play AI, that is cognitive and autonomous, to navigate with no human control. However, vehicles with Advanced Driver Assistance Systems (ADAS) use multiple sensors and alert systems to act as a driver’s chaperone, alerting them of possible dangers to prevent car accidents.

Roadblocks to AI adoption
While several cybersecurity experts claim to have AI capabilities, with co-pilot on their platforms, the maturity level of these platforms cannot be relied on completely. For instance, with gen AI and ChatBots, there have been incidents such as prompt injection attacks or extraction attacks, compromising organisational data. For this reason, in cyber defense, enterprises that are adopting AI, still rely on humans to take informed decisions.

Some challenges that organisations face when adopting AI include implementation challenges, prohibitive costs, ethical issues and the lack of required checks and balances. AI implementation is possible only with the use of the right data sets and with all types of data flowing across organisations, it is hard to determine which data AI should draw from. Next, is the cost factor. AI models require high compute power, with gen AI requiring GPUs, which come at an exorbitant cost. Language Processing Units, which are emerging might also be extremely expensive to run large language models. With use cases for AI in its nascent stage, as enterprises try and determine if AI will cut efforts, replace humans, or assist CIOs, the return on AI adoption investment is still unclear. A major concern is that of the ethics of AI models. In a world inundated with deep fakes and AI bias, organisations must ensure that the right checks and balance help prioritise transparency, fairness, accountability, and human well-being.

The mitigation Plan: responsible AI
To overcome ethical challenges within AI adoption, some companies are drawing up responsible AI imperatives to help enterprises balance innovation with ethics. This includes best practices designed to drive responsible AI adoption, by identifying the overall risk posture, building technical guardrails within the AI design lifecycle and advisory solutions for AI security. With due diligence and by adhering to regulatory requirements, organisations can steer clear of data poisoning or contamination as they adopt AI in cyber defense.

The Future is Unified AI driven cyber defense
The impact of AI in threat detection is massive – as it analyses numerous datasets and identifies anomalies in real time. AI plays the role of an orchestrator in the entire cybersecurity reference architecture, as its pivotal engine. AI can be applied across monitoring solutions, detection controls and prevention controls, and is being embedded by cybersecurity vendors in their technology stack. It is not too far in the future that we will move to an integrated approach with different co-pilots being brought together in an integrated manner, complementing each other. The whole spectrum of threat detection, vulnerability management, network security, cloud security and compliance need to be unified, and AI has the potential of orchestrating cyber defense seamlessly and holistically.

AICybersecurityGenAI
Comments (0)
Add Comment